[syslog-ng]Cisco Syslog with Syslog-ng

Jozef Drahovsky syslog-ng@lists.balabit.hu
Thu, 01 Jul 2004 17:43:58 +0200 

Hello,
example my automatical very simple configuration for all daemons FeeBSD, 
500 cisco routers and one pix.


***
# syslog-ng.conf
# syslog-ng-1.6.0.r3  A powerfull syslogd replacemen
# 28.05.2004 created jozef.drahovsky.sk
# 01.07.2004 add pix
#

#-- Source 
---------------------------------------------------------------------------------------------
options { use_dns(no); long_hostnames(off); sync(0); };
source local  { internal(); unix-dgram("/var/run/log");  
file("/dev/klog"); };
source remote { tcp(); udp(); };
#-- Source end 
-----------------------------------------------------------------------------------------

#-- Filters 
--------------------------------------------------------------------------------------------
filter only_pix      { host("10.10.1.1"); };
filter only_no_pix   { not host("10.10.1.1"); };
#-- filters end 
----------------------------------------------------------------------------------------

#-- Local 
----------------------------------------------------------------------------------------------
destination local_log { file( 
"/http/monitoring/www/log/local/$PROGRAM/$YEAR-$MONTH-$DAY.txt" 
owner(www) group(www) perm(0664) dir_owner(www) dir_perm(0775)  
create_dirs(yes) ); };
log { source(local); destination(local_log);};
#-- Local end 
------------------------------------------------------------------------------------------

#-- Remote 
---------------------------------------------------------------------------------------------
destination remote_log { file( 
"/http/monitoring/www/log/host/$HOST/$YEAR-$MONTH-$DAY.txt" owner(www) 
perm(0664) dir_owner(www) dir_perm(0775)  create_dirs(yes) ); };
log { source(remote); filter(only_no_pix); destination(remote_log);};
#-------------------------------------------------------------------------------------------------------

#-- PIX 
------------------------------------------------------------------------------------------------
destination remote_pix_log { file( 
"/http/monitoring/www/log/pix/$YEAR-$MONTH-$DAY.txt" owner(www) 
group(www) perm(0664) dir_owner(www) dir_perm(0775)  create_dirs(yes) ); };
log { source(remote); filter(only_pix); destination(remote_pix_log);};
#-- PIX end 
--------------------------------------------------------------------------------------------

# EOF
***


# add to cisco
service timestamps debug datetime msec
service timestamps log datetime msec
logging buffered 65534 debugging
logging 10.10.10.10
#


I looking log file from web client.  It's all.

Jozef Drahovsky


----

 >Message From: amy wong amywsp@gmail.com <mailto:amywsp@gmail.com>
 >I'm new in syslog-ng.
 >Currently install syslog-ng-1.4.7. I have got the cisco router 
monitor, and log can be seen on /var/log/messages but not 
/var/log/cisco.log.
 >My questions are do the cisco.log file will be created automatically? 
and would you show me the right way in setting up?